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IN THE CLAIMS 



Please amend the pending claims as follows: 



1 . (Currently Amended) A method of auth e nticating a cli e nt to a communication 
syst e m comprising th e st e ps of : 

receiving at [Tthell a mobile client from a mobile station a subscriber 
identity corresponding to a subscriber of a mobile telecommunication network, 
wherein the mobile telecommunication network is separate from [[the]] a 
communication system to which the mobile client is to be authenticated; 

sending the subscriber identity from the mobile client to an authentication 
block of the mobile telecommunication network; 

receiving at the mobile client from the authentication block at least one 
challenge and at least one first secret based on a subscriber's secret specific to the 
subscriber identity; 

sending from the mobile client the at least one challenge to a subscriber 
identity module; 

receiving at the mobile client at least one second secret in response to the at 
least one challenge; and 

using the second secret for authenticating the mobile client. 



2. (Currently Amended) The method of auth e nticating o f according to claim 1 further 
comprising: 

receiving a PiN personal identification number from a user; and 
transmitting wirelessly the PIN personal identification number to the 

mobile station. 



3. (Currently Amended) The method according to claim 2 further comprising: 

encrypting the PiN personal identification number before th e st e p of 
transmitting the personal identification number . 



4. (Currently Amended) The method according to claim 1 wherein th e st e p of using 
the second secret further comprises: 

encrypting the second secret to provide a encrypted second secret; 

and 
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transmitting the encrypted second secret to the communication 

system. 

5. (Currently Amended) The method according to claim 4 wherein the stop of using 
the second secret further comprises: 

refreshing the encrypted second secret. 

6. (Currently Amended) The method according to claim 1 wherein th e step of sending 
the subscriber identity to an authentication block comprises sending wirelessly the 
subscriber identity to the authentication block; and 

the st e p of w herein receiving from the authentication block comprises 
receiving wirelessly from the authentication block. 

7. (Currently Amended) The method according to claim 1 wherein the st e ps of : 

receiving from a mobile station a subscriber identity comprises receiving 
wirelessly from a mobile station a subscriber identity; 

sending the at least one challenge comprises sending wirelessly the at least 
one challenge; and 

receiving at least one second secret comprises receiving wirelessly at least 
one second secret. 

8. (Currently Amended) The method of auth e nticating o f according to claim 7 further 
comprising: 

receiving a SEN personal identification number from a user; and 
transmitting wirelessly the Pi Npersonal identification number to the mobile 

station. 

9. (Currently Amended) The method of auth e nticating o f according to claim 8 
wherein th e st e p of transmitting wirelessly comprises transmitting an infrared 
signal. 

10. (Currently Amended) The method of authenticating o f according to claim 8 
wherein th e st e p of transmitting wirelessly comprises transmitting a radio signal. 



-4 - 



Attorney Docket No. NC28444A(944-006.006-l) 

Serial No. 09/867,049 

(Currently Amended) The method of authenticating o f according to claim 8 
wherein tho stop of transmitting wirelessly comprises transmitting a low power 
radio signal. 

(Currently Amended) The method of auth e nticating o f according to claim 8 
wherein tho stop of transmitting wirelessly comprises transmitting an acoustic 
signal. 

(Currently Amended) An apparatus, A client ablo to bo authenticated to a 
communication syst e m, th e client comprising: 

a means for receiving at [[the]] a mobile client from a mobile station a 
subscriber identity corresponding to a subscriber of a mobile telecommunication 
network, wherein the mobile telecommunication network is separate from [[the]]_a 
communication system to which the mobile client is to be authenticated; 

a means for sending the subscriber identity to an authentication block of the 
mobile telecommunication network; 

a means for receiving at the mobile client from the authentication block at 
least one challenge and at least one first secret based on a subscriber's secret 
specific to the subscriber identity; 

a means for sending from the mobile client the at least one challenge to a 
subscriber identity module; and 

a means for receiving at the mobile client at least one second secret in 
response to the at least one challenge wherein the second secret is arranged to be 
used for authenticating the mobile client. 

(Currently Amended) The apparatus according to Th e cli e nt for auth e nticating of 

claim 13 further comprising: 

a means for receiving a PIN personal identification number from a user; and 
a means for transmitting wirelessly the Pj Npersonal identification number 

to the mobile station. 

(Canceled) 



(Canceled) 
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17. (Canceled) 

18. (Canceled) 

19. (Canceled) 

20. (Canceled) 

21. (Canceled) 

22. (Canceled) 

23. (Canceled) 

24. (Canceled) 

25. (Currently Amended) A method for providing at l e ast on e secr e t bas e d on a 
subscrib e r identity comprising th e st e ps of : 

retrieving from a subscriber identity module in a mobile station a subscriber 
identity corresponding to a subscriber of a mobile telecommunication network; 

sending wirelessly the subscriber identity from the mobile station to a 
mobile client for authenticating the mobile client to [[the]] a_communication 
system; 

receiving wirelessly at the mobile station from the mobile client at least one 
challenge based on a subscriber's secret specific to the subscriber identity; 

generating at the mobile station at least one secret in response to the at least 
one challenge; and 

sending from the mobile station wirelessly to the mobile client the at least 
one secret. 

26. (Currently Amended) The method of claim 25 wherein the method further 
comprises a st e p of wirelessly receiving a request. 
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27. (Currently Amended) The method of claim 26 wherein the request contains a 
PiN personal identification number . 

28. (Currently Amended) The method of claim 27 wherein the request contains an 
encrypted PiN personal identification number . 

29. (Currently Amended) The method of claim 27 further comprising a st e p of 
confirming that the PI Npersonal identification number matches a identity module 
PiN personal identification number . 

30. (Currently Amended) An apparatus, A mobil e station for providing at l e ast one 
s e cr e t bas e d on a subscrib e r identity comprising: 

means for retrieving from a subscriber identity module a subscriber identity 
corresponding to a subscriber of a mobile telecommunication network; 

means for sending wirelessly the subscriber identity to a mobile client for 
authenticating the mobile client to [[the]] a_communication system; 

means for receiving wirelessly from the mobile client at least one challenge 
based on a subscriber's secret specific to the subscriber identity; 

means for generating at least one secret in response to the at least one 
challenge and 

means for sending wirelessly the at least one secret. 

3 1 . (Currently Amended) The mobil e station apparatus of claim 30, further comprising 
a means for wirelessly receiving a request. 

32. (Canceled) 

33. (Canceled) 

34. (Canceled) 

35. (Previously Presented) A computer program product embodied in a computer 
readable medium for controlling a client in order to authenticate the client to a 
communication system by using a subscriber identity module of a mobile 
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telecommunications network, wherein the mobile telecommunications network is separate 
from the communications system to which the client is to be authenticated; the computer 
program product comprising: 

computer executable program code to enable the client to wirelessly retrieve from 
a subscriber identity module of a mobile station a subscriber identity corresponding to a 
subscriber of a mobile telecommunications network; 

computer executable program code to enable the client to wirelessly send the 
subscriber identity to an authentication block of the mobile telecommunications network; 

computer executable program code to enable the client to wirelessly receive from 
the authentication block of the network at least one challenge and at least one first secret 
based on a subscriber's secret specific to the subscriber identity; 

computer executable program code to enable the client to wirelessly send the at 
least one challenge to the subscriber identity module; 

computer executable program code to enable the client to wirelessly receive from 
the mobile station at least one second secret in response to the at least one challenge; and 

computer executable program code to enable the client to use the second secret for 
authenticating the client wherein the subscriber identity module is accessed over a local 
wireless link between the mobile station and the client when wirelessly retrieving the 
subscriber identity from the mobile station. 

36. (Cancelled) 

37. (Previously Presented) A computer program product embodied in a computer 
readable medium for controlling a device for authenticating a client to a communications 
system using a subscriber identity module of a mobile telecommunications network, 
wherein the communications system is separate from the mobile telecommunications 
network, the computer program product comprising: 

computer executable program code to enable the device to retrieve from a 
subscriber identity module a subscriber identity corresponding to a subscriber of a mobile 
telecommunications network; 

computer executable program code to enable the device to send the subscriber 
identity to a client over a local wireless link for authenticating the client to the 
communications system; 
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computer executable program code to enable the device to receive over the local 
wireless link from the client at least one challenge based on a subscriber's secret specific to 
the subscriber identity; 

computer executable program code to enable the device to provide the at least one 
challenge to the subscriber identity module and receiving at least one authentication secret 
in response to the challenge; and 

computer executable program code to enable the device to send the at least one 
authentication secret over the local wireless link to the client for use by the client in said 
authenticating the client to the communications system. 

38. (New) An apparatus, comprising: 

a first module for receiving at a mobile client from a mobile station a 
subscriber identity corresponding to a subscriber of a mobile telecommunication 
network, wherein the mobile telecommunication network is separate from a 
communication system to which the mobile client is to be authenticated; 

a second module for sending the subscriber identity to an authentication 
block of the mobile telecommunication network; 

a third module for receiving at the mobile client from the authentication 
block at least one challenge and at least one first secret based on a subscriber's 
secret specific to the subscriber identity; 

a fourth module for sending from the mobile client the at least one 
challenge to a subscriber identity module; and 

a fifth module for receiving at the mobile client at least one second secret in 
response to the at least one challenge, wherein the second secret is arranged to be 
used for authenticating the mobile client to the communication system. 

(New) The apparatus according to claim 38, further comprising: 

a user interface for receiving a personal identification number from a user; 

a transmitter for transmitting wirelessly the personal identification number 
to the mobile station. 

40. (New) The apparatus according to claim 39, further comprising: 



39. 



and 
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a encrypter for encrypting the personal identification number before 
transmitting the personal identification number. 

41 . (New) The apparatus according to claim 38 wherein the fifth module further 
comprises: 

an encrypter for encrypting the second secret to provide a encrypted second 
secret; and 

a transmitter for transmitting the encrypted second secret to the 
communication system. 

42. (New) The apparatus according to claim 38 wherein the fifth module is configured 
to refresh the encrypted second secret. 

43. (New) The apparatus according to claim 38, further comprising a transmitter for 
sending wirelessly the subscriber identity to the authentication block; and 

a receiver for receiving wirelessly from the authentication block. 

44. (New) The apparatus according to claim 38, further comprising a receiver for 
receiving wirelessly from a mobile station a subscriber identity; and 

a transmitter for sending wirelessly the at least one challenge; 

wherein the receiver is configured to receive wirelessly at least one second 

secret. 

45. (New) The apparatus according to claim 44, further comprising: 

a user interface for receiving a personal identification number from a user; 

and 

wherein the transmitter is configured to transmit wirelessly the personal 
identification number to the mobile station. 

46. (New) The apparatus according to claim 44, wherein the transmitter is configured 
to transmit an infrared signal. 

47. (New) The apparatus according to claim 44, wherein the transmitter is configured 
to transmit a radio signal. 
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48. (New) The apparatus according to claim 44, wherein the transmitter is configured 
to transmit a low power radio signal. 

49. (New) The apparatus according to claim 44, wherein the transmitter is configured 
to transmit an acoustic signal. 

50. (New) An apparatus, comprising: 

a first module for retrieving from a subscriber identity module a subscriber 
identity corresponding to a subscriber of a mobile telecommunication network; 

a second module for sending wirelessly the subscriber identity to a mobile 
client for authenticating the client to a communication system; 

a third module for receiving wirelessly from the mobile client at least one 
challenge based on a subscriber's secret specific to the subscriber identity; 

a fourth module for generating at least one secret in response to the at least 
one challenge; and 

a fifth module for sending wirelessly the at least one secret. 

51. (New) The apparatus of claim 50, further comprising a receiver for wirelessly 
receiving a request. 

52. (New) The apparatus of claim 5 1 wherein the request contains a personal 
identification number. 

53. (New) The apparatus of claim 52 wherein the request contains an encrypted 
personal identification number. 

54. (New) The apparatus of claim 52, further comprising a comparator for confirming 
that the personal identification number matches a identity module personal 
identification number. 
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